[rbak-nsp] SE100 + radius + pppoe

Wed Aug 24 13:19:39 EDT 2011

Hi Roberto,

Better to collect the logs on both sides, i.e. on radius server and on
SmartEdge.
Try to enable "terminal monitor" and some debug options like "debug
aaa exception" and "debug aaa rad-attr"

As I can see from you configuration - your dot1q pvc is not binded to
specific context, so in this case RADIUS server should send context-id
in Access-Accept. For example:

user          User-Password = "password"
                Service-Type = Framed-User,
                Framed-Protocol = PPP,
                Framed-IP-Netmask = 255.255.255.254,
                RB-Context-Name = "local"

You can check all available attributes in customer product documentation.
In my dictionary RB-Context-Name is:
VENDORATTR   2352       RB-Context-Name                            4    string

On Wed, Aug 24, 2011 at 8:21 AM, Roberto Z <robertoozeet at gmail.com> wrote:
> Hello
>
> I'm trying to run pppoe on my SE100 but with no successfull.
>
> This is my configuration:
>
> context local
> !
> ..
> ..
> ..
> !
>  aaa authentication administrator local
>  aaa authentication subscriber radius
> !
> radius server xx.xx.xx.xx encrypted-key 92D4215B6991E46F
> !
>
> context pppoe
> !
>  description  PPPoE
>  domain aqqq advertise
> !
>  no ip domain-lookup
>  logging console
> !
>  aaa authentication administrator local
>  aaa authentication administrator maximum sessions 1
>  aaa authentication subscriber radius global
> !
>
>
> port ethernet 2/2
>  description Gbit#2
>  no shutdown
>  medium-type copper
>  encapsulation dot1q
>  dot1q pvc 701 encapsulation multi
>   circuit protocol pppoe
>    bind authentication chap maximum 2000
>
> !
>  pppoe services marked-domains
>  pppoe always-send-padt
>
>
>
>
> logs from radius:
>
> rad_recv: Access-Request packet from host 192.168.221.5 port 1812, id=10,
> length=204
>         User-Name = "roberto"
>         CHAP-Password = 0x012ae7b42275cab353a3d40be701052f37
>         CHAP-Challenge = 0xc1c5d3a83dad59b0cb562fd722d91821
>         Service-Type = Framed-User
>         Framed-Protocol = PPP
>         NAS-Identifier = "roberto-rbak01"
>         NAS-Port = 33685504
>         NAS-Real-Port = 570426045
>         NAS-Port-Type = Virtual
>         NAS-Port-Id = "2/2 vlan-id 701 pppoe 17"
>         Medium-Type = DSL
>         Mac-Addr = "00-17-f2-ce-d2-80"
>         Platform-Type = 4
>         OS-Version = "6.2.1.4"
>
> Found Auth-Type = CHAP
> +- entering group CHAP {...}
> [chap] login attempt by "roberto" with CHAP password
> [chap] Using clear text password "roberto" for user roberto authentication.
> [chap] chap user roberto authenticated succesfully
> ++[chap] returns ok
> +- entering group post-auth {...}
> ++[exec] returns noop
> Sending Access-Accept of id 10 to 192.168.201.5 port 1812
>         Framed-IP-Address = 10.10.10.10
> Finished request 6.
> Going to the next request
> Waking up in 4.9 seconds.
> Cleaning up request 6 ID 10 with timestamp +523
> Ready to process requests.
>
> Looks fine but pppoe session can't be estabilished
>
> What is wrong ?
>
> Thanks for help
>

-- 
Best regards,
Yuri